summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog.adoc1
-rw-r--r--doc/de/autogen/user/relay_options.adoc6
-rw-r--r--doc/en/autogen/user/relay_options.adoc6
-rw-r--r--doc/fr/autogen/user/relay_options.adoc6
-rw-r--r--doc/it/autogen/user/relay_options.adoc6
-rw-r--r--doc/ja/autogen/user/relay_options.adoc6
-rw-r--r--doc/pl/autogen/user/relay_options.adoc6
-rw-r--r--po/cs.po11
-rw-r--r--po/de.po11
-rw-r--r--po/es.po11
-rw-r--r--po/fr.po20
-rw-r--r--po/hu.po11
-rw-r--r--po/it.po11
-rw-r--r--po/ja.po11
-rw-r--r--po/pl.po11
-rw-r--r--po/pt.po11
-rw-r--r--po/pt_BR.po11
-rw-r--r--po/ru.po11
-rw-r--r--po/tr.po11
-rw-r--r--po/weechat.pot11
-rw-r--r--src/plugins/relay/relay-config.c35
-rw-r--r--src/plugins/relay/relay-config.h2
-rw-r--r--src/plugins/relay/weechat/relay-weechat-protocol.c17
23 files changed, 228 insertions, 15 deletions
diff --git a/ChangeLog.adoc b/ChangeLog.adoc
index 90cac3d34..cc4b832a3 100644
--- a/ChangeLog.adoc
+++ b/ChangeLog.adoc
@@ -23,6 +23,7 @@ New features::
* core: add option "addreplace" in command /filter (issue #1055, issue #1312)
* api: add function command_options (issue #928)
* api: add function string_match_list
+ * relay: add option relay.weechat.commands (issue #928)
* spell: rename aspell plugin to spell (issue #1299)
Bug fixes::
diff --git a/doc/de/autogen/user/relay_options.adoc b/doc/de/autogen/user/relay_options.adoc
index 2ae15aa30..6aa5677b4 100644
--- a/doc/de/autogen/user/relay_options.adoc
+++ b/doc/de/autogen/user/relay_options.adoc
@@ -181,3 +181,9 @@
** Typ: Zeichenkette
** Werte: beliebige Zeichenkette
** Standardwert: `+""+`
+
+* [[option_relay.weechat.commands]] *relay.weechat.commands*
+** Beschreibung: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)]
+** Typ: Zeichenkette
+** Werte: beliebige Zeichenkette
+** Standardwert: `+"*,!exec,!upgrade,!quit"+`
diff --git a/doc/en/autogen/user/relay_options.adoc b/doc/en/autogen/user/relay_options.adoc
index 649cb4c35..c47fbbb87 100644
--- a/doc/en/autogen/user/relay_options.adoc
+++ b/doc/en/autogen/user/relay_options.adoc
@@ -181,3 +181,9 @@
** type: string
** values: any string
** default value: `+""+`
+
+* [[option_relay.weechat.commands]] *relay.weechat.commands*
+** description: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)]
+** type: string
+** values: any string
+** default value: `+"*,!exec,!upgrade,!quit"+`
diff --git a/doc/fr/autogen/user/relay_options.adoc b/doc/fr/autogen/user/relay_options.adoc
index f945be833..9192d8349 100644
--- a/doc/fr/autogen/user/relay_options.adoc
+++ b/doc/fr/autogen/user/relay_options.adoc
@@ -181,3 +181,9 @@
** type: chaîne
** valeurs: toute chaîne
** valeur par défaut: `+""+`
+
+* [[option_relay.weechat.commands]] *relay.weechat.commands*
+** description: pass:none[liste des commandes autorisées/interdites lorsque qu'une entrée de données (texte ou commande) est reçue du client (séparées par des virgules) ; "*" signifie toutes les commandes, un nom commençant par "!" est une valeur négative pour empêcher une commande d'être exécutée, le caractère joker "*" est autorisé dans les noms ; par défaut toutes les commandes sont autorisées sauf /exec, /upgrade et /quit (ce qui pourrait conduire à un déni de service ou l'exécution de commandes à distance si le client n'est pas sûr)]
+** type: chaîne
+** valeurs: toute chaîne
+** valeur par défaut: `+"*,!exec,!upgrade,!quit"+`
diff --git a/doc/it/autogen/user/relay_options.adoc b/doc/it/autogen/user/relay_options.adoc
index 03d4e9a40..23c494af4 100644
--- a/doc/it/autogen/user/relay_options.adoc
+++ b/doc/it/autogen/user/relay_options.adoc
@@ -181,3 +181,9 @@
** tipo: stringa
** valori: qualsiasi stringa
** valore predefinito: `+""+`
+
+* [[option_relay.weechat.commands]] *relay.weechat.commands*
+** descrizione: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)]
+** tipo: stringa
+** valori: qualsiasi stringa
+** valore predefinito: `+"*,!exec,!upgrade,!quit"+`
diff --git a/doc/ja/autogen/user/relay_options.adoc b/doc/ja/autogen/user/relay_options.adoc
index 6ce74024a..84235c4cc 100644
--- a/doc/ja/autogen/user/relay_options.adoc
+++ b/doc/ja/autogen/user/relay_options.adoc
@@ -181,3 +181,9 @@
** タイプ: 文字列
** 値: 未制約文字列
** デフォルト値: `+""+`
+
+* [[option_relay.weechat.commands]] *relay.weechat.commands*
+** 説明: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)]
+** タイプ: 文字列
+** 値: 未制約文字列
+** デフォルト値: `+"*,!exec,!upgrade,!quit"+`
diff --git a/doc/pl/autogen/user/relay_options.adoc b/doc/pl/autogen/user/relay_options.adoc
index dbc994977..fb0cf5d8c 100644
--- a/doc/pl/autogen/user/relay_options.adoc
+++ b/doc/pl/autogen/user/relay_options.adoc
@@ -181,3 +181,9 @@
** typ: ciąg
** wartości: dowolny ciąg
** domyślna wartość: `+""+`
+
+* [[option_relay.weechat.commands]] *relay.weechat.commands*
+** opis: pass:none[comma-separated list of commands allowed/denied when input data (text or command) is received from a client; "*" means any command, a name beginning with "!" is a negative value to prevent a command from being executed, wildcard "*" is allowed in names; by default all commands are allowed except /exec, /upgrade and /quit (which could lead to denial of service or remote code execution if the client is not trusted)]
+** typ: ciąg
+** wartości: dowolny ciąg
+** domyślna wartość: `+"*,!exec,!upgrade,!quit"+`
diff --git a/po/cs.po b/po/cs.po
index bc9a1f295..3aa53f7a8 100644
--- a/po/cs.po
+++ b/po/cs.po
@@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:18+0100\n"
"Last-Translator: Ondřej Súkup <mimi.vx@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@@ -10864,6 +10864,15 @@ msgid ""
"sent as irc tag); empty string = disable time in backlog messages"
msgstr ""
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
#, fuzzy
msgid "number of clients for relay"
msgstr "Klienti pro přenos:"
diff --git a/po/de.po b/po/de.po
index 406f9ba3d..093c0a187 100644
--- a/po/de.po
+++ b/po/de.po
@@ -24,7 +24,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:18+0100\n"
"Last-Translator: Nils Görs <weechatter@arcor.de>\n"
"Language-Team: German <kde-i18n-de@kde.org>\n"
@@ -12768,6 +12768,15 @@ msgstr ""
"gesendet wird); keine Zeichenkette = deaktiviert die Zeitanzeige im "
"Verlaufsspeicher"
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
msgid "number of clients for relay"
msgstr "Anzahl an Clients für Relay"
diff --git a/po/es.po b/po/es.po
index 6fd98f8b3..db9b03f30 100644
--- a/po/es.po
+++ b/po/es.po
@@ -22,7 +22,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:18+0100\n"
"Last-Translator: Elián Hanisch <lambdae2@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@@ -11217,6 +11217,15 @@ msgid ""
"sent as irc tag); empty string = disable time in backlog messages"
msgstr ""
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
#, fuzzy
msgid "number of clients for relay"
msgstr "Lista de clientes a retransmitir"
diff --git a/po/fr.po b/po/fr.po
index 8a7a21349..24f4f5d60 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -21,8 +21,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
-"PO-Revision-Date: 2019-02-28 20:18+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
+"PO-Revision-Date: 2019-02-28 20:22+0100\n"
"Last-Translator: Sébastien Helleu <flashcode@flashtux.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: fr\n"
@@ -12491,6 +12491,22 @@ msgstr ""
"activée par le client, car l'heure est envoyée sous forme d'étiquette irc) ; "
"chaîne vide = désactiver l'heure dans les messages d'historique"
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+"liste des commandes autorisées/interdites lorsque qu'une entrée de données "
+"(texte ou commande) est reçue du client (séparées par des virgules) ; \"*\" "
+"signifie toutes les commandes, un nom commençant par \"!\" est une valeur "
+"négative pour empêcher une commande d'être exécutée, le caractère joker \"*"
+"\" est autorisé dans les noms ; par défaut toutes les commandes sont "
+"autorisées sauf /exec, /upgrade et /quit (ce qui pourrait conduire à un déni "
+"de service ou l'exécution de commandes à distance si le client n'est pas sûr)"
+
msgid "number of clients for relay"
msgstr "nombre de clients pour le relai"
diff --git a/po/hu.po b/po/hu.po
index c0d0880d7..cecda1952 100644
--- a/po/hu.po
+++ b/po/hu.po
@@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:18+0100\n"
"Last-Translator: Andras Voroskoi <voroskoi@frugalware.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@@ -10223,6 +10223,15 @@ msgid ""
"sent as irc tag); empty string = disable time in backlog messages"
msgstr ""
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
#, fuzzy
msgid "number of clients for relay"
msgstr "Nincs szerver.\n"
diff --git a/po/it.po b/po/it.po
index 720af6a67..6c178a15c 100644
--- a/po/it.po
+++ b/po/it.po
@@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:18+0100\n"
"Last-Translator: Esteban I. Ruiz Moreno <exio4.com@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@@ -11419,6 +11419,15 @@ msgid ""
"sent as irc tag); empty string = disable time in backlog messages"
msgstr ""
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
#, fuzzy
msgid "number of clients for relay"
msgstr "Elenco dei client per il relay"
diff --git a/po/ja.po b/po/ja.po
index 2bb6c9a4b..a56b5254b 100644
--- a/po/ja.po
+++ b/po/ja.po
@@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:18+0100\n"
"Last-Translator: AYANOKOUZI, Ryuunosuke <i38w7i3@yahoo.co.jp>\n"
"Language-Team: Japanese <https://github.com/l/weechat/tree/master/"
@@ -12039,6 +12039,15 @@ msgstr ""
"\"server-time\" 機能を利用可能にした場合、これは利用されません); 空文字列 = "
"バックログメッセージで時間を表示しない"
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
msgid "number of clients for relay"
msgstr "中継するクライアントのリスト"
diff --git a/po/pl.po b/po/pl.po
index 06eb111ed..6759e63e0 100644
--- a/po/pl.po
+++ b/po/pl.po
@@ -22,7 +22,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:19+0100\n"
"Last-Translator: Krzysztof Korościk <soltys@soltys.info>\n"
"Language-Team: Polish <kde-i18n-doc@kde.org>\n"
@@ -12223,6 +12223,15 @@ msgstr ""
"czas jest wysyłany jako tag irc); pusty ciąg = wyłącza znacznik czasu w "
"backlogu"
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
msgid "number of clients for relay"
msgstr "liczba podłączonych klientów"
diff --git a/po/pt.po b/po/pt.po
index 1cd75a15f..75af0d0bb 100644
--- a/po/pt.po
+++ b/po/pt.po
@@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:19+0100\n"
"Last-Translator: Vasco Almeida <vascomalmeida@sapo.pt>\n"
"Language-Team: Portuguese <>\n"
@@ -11879,6 +11879,15 @@ msgstr ""
"pelo cliente, porque o tempo é enviado como tag de irc); cadeia vazia = "
"desativar hora nas mensagens do registo recente"
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
msgid "number of clients for relay"
msgstr "número de cliente para reencaminhar"
diff --git a/po/pt_BR.po b/po/pt_BR.po
index c5aa6ba57..421cebb1b 100644
--- a/po/pt_BR.po
+++ b/po/pt_BR.po
@@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:19+0100\n"
"Last-Translator: Eduardo Elias <camponez@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@@ -10672,6 +10672,15 @@ msgid ""
"sent as irc tag); empty string = disable time in backlog messages"
msgstr ""
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
#, fuzzy
msgid "number of clients for relay"
msgstr "numero de clientes para o relay"
diff --git a/po/ru.po b/po/ru.po
index 53b232ebd..9607a2827 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-02-28 20:19+0100\n"
"Last-Translator: Aleksey V Zapparov AKA ixti <ixti@member.fsf.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@@ -10256,6 +10256,15 @@ msgid ""
"sent as irc tag); empty string = disable time in backlog messages"
msgstr ""
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
#, fuzzy
msgid "number of clients for relay"
msgstr "Нет сервера.\n"
diff --git a/po/tr.po b/po/tr.po
index 57fd53ec9..9f2548f9a 100644
--- a/po/tr.po
+++ b/po/tr.po
@@ -20,7 +20,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2019-01-29 21:05+0100\n"
"Last-Translator: Hasan Kiran <sunder67@hotmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@@ -9318,6 +9318,15 @@ msgid ""
"sent as irc tag); empty string = disable time in backlog messages"
msgstr ""
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
msgid "number of clients for relay"
msgstr ""
diff --git a/po/weechat.pot b/po/weechat.pot
index 35ea1f655..042a2d12d 100644
--- a/po/weechat.pot
+++ b/po/weechat.pot
@@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2019-02-28 20:16+0100\n"
+"POT-Creation-Date: 2019-02-28 20:19+0100\n"
"PO-Revision-Date: 2014-08-16 10:27+0200\n"
"Last-Translator: Sébastien Helleu <flashcode@flashtux.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@@ -9185,6 +9185,15 @@ msgid ""
"sent as irc tag); empty string = disable time in backlog messages"
msgstr ""
+msgid ""
+"comma-separated list of commands allowed/denied when input data (text or "
+"command) is received from a client; \"*\" means any command, a name "
+"beginning with \"!\" is a negative value to prevent a command from being "
+"executed, wildcard \"*\" is allowed in names; by default all commands are "
+"allowed except /exec, /upgrade and /quit (which could lead to denial of "
+"service or remote code execution if the client is not trusted)"
+msgstr ""
+
msgid "number of clients for relay"
msgstr ""
diff --git a/src/plugins/relay/relay-config.c b/src/plugins/relay/relay-config.c
index fdfbe5027..dccb025c5 100644
--- a/src/plugins/relay/relay-config.c
+++ b/src/plugins/relay/relay-config.c
@@ -75,6 +75,10 @@ struct t_config_option *relay_config_irc_backlog_since_last_message;
struct t_config_option *relay_config_irc_backlog_tags;
struct t_config_option *relay_config_irc_backlog_time_format;
+/* relay config, weechat section */
+
+struct t_config_option *relay_config_weechat_commands;
+
/* other */
regex_t *relay_config_regex_allowed_ips = NULL;
@@ -1003,6 +1007,37 @@ relay_config_init ()
NULL, 0, 0, "[%H:%M] ", NULL, 0,
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
+ /* section weechat */
+ ptr_section = weechat_config_new_section (relay_config_file, "weechat",
+ 0, 0,
+ NULL, NULL, NULL,
+ NULL, NULL, NULL,
+ NULL, NULL, NULL,
+ NULL, NULL, NULL,
+ NULL, NULL, NULL);
+ if (!ptr_section)
+ {
+ weechat_config_free (relay_config_file);
+ relay_config_file = NULL;
+ return 0;
+ }
+
+ relay_config_weechat_commands = weechat_config_new_option (
+ relay_config_file, ptr_section,
+ "commands", "string",
+ N_("comma-separated list of commands allowed/denied when input "
+ "data (text or command) is received from a client; "
+ "\"*\" means any command, a name beginning with \"!\" is "
+ "a negative value to prevent a command from being executed, "
+ "wildcard \"*\" is allowed in names; by default all commands "
+ "are allowed except /exec, /upgrade and /quit (which could lead "
+ "to denial of service or remote code execution if the client is "
+ "not trusted)"),
+ NULL, 0, 0, "*,!exec,!upgrade,!quit", NULL, 0,
+ NULL, NULL, NULL,
+ NULL, NULL, NULL,
+ NULL, NULL, NULL);
+
/* section port */
ptr_section = weechat_config_new_section (
relay_config_file, "port",
diff --git a/src/plugins/relay/relay-config.h b/src/plugins/relay/relay-config.h
index d05721d04..14fce3420 100644
--- a/src/plugins/relay/relay-config.h
+++ b/src/plugins/relay/relay-config.h
@@ -57,6 +57,8 @@ extern struct t_config_option *relay_config_irc_backlog_since_last_message;
extern struct t_config_option *relay_config_irc_backlog_tags;
extern struct t_config_option *relay_config_irc_backlog_time_format;
+extern struct t_config_option *relay_config_weechat_commands;
+
extern regex_t *relay_config_regex_allowed_ips;
extern regex_t *relay_config_regex_websocket_allowed_origins;
extern struct t_hashtable *relay_config_hashtable_irc_backlog_tags;
diff --git a/src/plugins/relay/weechat/relay-weechat-protocol.c b/src/plugins/relay/weechat/relay-weechat-protocol.c
index 9ea66947a..1cc94af24 100644
--- a/src/plugins/relay/weechat/relay-weechat-protocol.c
+++ b/src/plugins/relay/weechat/relay-weechat-protocol.c
@@ -404,6 +404,7 @@ relay_weechat_protocol_input_timer_cb (const void *pointer,
char **timer_args;
int i;
struct t_gui_buffer *ptr_buffer;
+ struct t_hashtable *options;
/* make C compiler happy */
(void) data;
@@ -418,7 +419,21 @@ relay_weechat_protocol_input_timer_cb (const void *pointer,
{
ptr_buffer = weechat_buffer_search ("==", timer_args[0]);
if (ptr_buffer)
- weechat_command (ptr_buffer, timer_args[1]);
+ {
+ options = weechat_hashtable_new (8,
+ WEECHAT_HASHTABLE_STRING,
+ WEECHAT_HASHTABLE_STRING,
+ NULL, NULL);
+ if (options)
+ {
+ weechat_hashtable_set (
+ options,
+ "commands",
+ weechat_config_string (relay_config_weechat_commands));
+ weechat_command_options (ptr_buffer, timer_args[1], options);
+ weechat_hashtable_free (options);
+ }
+ }
}
for (i = 0; i < 2; i++)